ESET Ireland Say Vodafone's Customer Protection Against Online Scammers is a Case of 'Too Little, Too Late'
Mobile text messages that try to get the user to do something that ends up benefitting scammers are nothing new. But it's worth reminding people every now and then that these messages come in many different varieties and use different more or less clever tactics to extract sensitive information from their victims.
An example of this was reported by ESET Ireland having received and analysed a phishing message, on one of their Vodafone mobiles - the text message read: "Someone sent you special Flowers. Click on the link below or copy, paste on your browser and login Vodafone to see the Flowers & Sender. www./flowerz"
ESET analysed the link, which took them to a faked 'My Vodafone' site which looks a lot like the real one (with various special offers on phones, etc.), but at a different web address. The site asked them to log in to their My Vodafone account with their phone number and password (which they did) and they were re-directed to their actual vodafone.ie My Vodafone page, which again asked for log in.
So what just happened?
Well, anyone who typed in their actual phone number and password for My Vodafone into the faked website, has just handed over their login info to a cybercriminal, who can then log into their My Vodafone account and use and abuse it at will.
A quick search reveals the domain owner of the faked website as Latorcorp Limited using an address from Fremont, California and it seems to also host a couple faked matchmaking websites. The name Latorcorp is otherwise connected to a web design company from Nigeria, but also comes up in connection to over 20 domain names and several other 419 scams, which in ESET's opinion could merit a bit of a criminal investigation by law enforcement.
According to Urban Schrott, ESET Ireland, unlike Irish banks that warn their customers of the many scams abusing their bank's name, no easily visible warning could be found on the Vodafone.ie website. Upon ringing their customer support about being concerned that customers are being targeted by scams and are not warned about it, ESET were told that if someone rings and asks about a dodgy text they've received they'd certainly be advised against opening it, and if a user had already handed their login credentials to cybercriminals Vodafone could change their password for them.
Urban says; "In our opinion that's too little, too late, as by then the damage could already be done. The first step of fighting cybercrime is to be aware of it and a timely warning could go a long way here."
ESET Ireland therefore recommends computer and mobile device users to think before they click and if they're unsure of any content, whether it relates to their online banking, mobile provider, etc., to contact their customer support and try to find out whether the message they received was legitimate or a scam.
Visit ESET Ireland
More about ESET Ireland on IrishDev.com
More about Vodafone on IrishDev.com
Get Instant Irish Tech News Updates....
![]() |
![]() |
![]() |